GitHub Enterprise Cloud has introduced a new feature that lets customers stream audit log and Git events to platforms like Splunk or Azure Event Hub in near real-time. When collection is paused, data is retained for up to seven days. The feature helps enterprise administrators conduct both short-term investigations and long-term threat analysis: it ensures no audit log event is lost, and it allows data to be stored within an organization's own data collection systems for extended periods. Git events constitute the majority of enterprise-generated events and can be analyzed using GitHub's API or the streaming capability, though the API provides only a seven-day data window. Users can filter events by specific organizations. Integrations with platforms like AWS S3, Azure Blob Storage, and Google Cloud Storage are forthcoming, alongside support for more SIEM partners and threat prevention tools. GitHub is actively seeking user feedback and offers support to help users set up their streams, with more status and error-handling improvements planned while the feature remains in public beta.